package com.huilian.iotbox.admin.security;

import com.huilian.security.core.authorize.AuthorizeConfigProvider;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * @author: 少凡
 * @Date 2018/3/4 16:49
 */
@Component
@Order(Integer.MAX_VALUE)
public class AdminAuthorizeConifgProvider implements AuthorizeConfigProvider {

    @Override
    public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {

        config.antMatchers(
                        "/api/user/userInfo",
                        "/api/file/**",
                        "/api/moneyWithdraw/daiFuNotice",
                        "/api/test/**",
                        "/api/deviceBuyOrder/notice",
                        "/webSocket/*",
                        "/api/deviceBuyOrder/largeTransferNotice",
                        "/api/user/getCode",
                        "/api/user/forgetPassword",
                        "/api/device/v1/getDeviceInfo",
                        "/api/device/v1/registerDevice",
                        "/api/device/uploadAppFile",
                        "/api/device/retFileInfo",
                        "/api/appVersion/**",
                        "/api/device/v1/registerDeviceByAgencyNo",
                        "/api/device/v2/registerDeviceByAgencyNo",
                        "/api/device/v3/registerDeviceByAgencyNo",
                        "/api/setting/v1/findProductParamDataByDeviceNo",
                        "/api/device/v2/queryByCpuId",
                        "/api/device/v3/queryByCpuId",
                        "/api/device/v4/queryByCpuId",
                        "/api/worke-weixin/**",
                        "/api/weixinOpen/getticket",
                        "/api/wxOpen/getAuthUrl",
                        "/api/wxOpen/getRedirectUrl",
                        "/api/weixinOpen/preCallback",
                        "/api/weixinOpen/callback/**",
                        "/api/douYinApi/receive/douYinNotice",
                        "/api/fileExport/download/**",
                        "/api/device/getDeviceInfoFromBurningSoftware",
                        "/api/device/findVendmachByCpuId",
                        "/api/meituan/**"
                )
                .permitAll()
                .anyRequest()
                .access("@rbacService.hasPermission(request,authentication)");
    }

}
